Site icon Liquidmatrix Security Digest

Default Passwords in NetFlow Collection Engine

Released today from Cisco:

Summary

Versions of Cisco Network Services (CNS) NetFlow Collection Engine (NFC) prior to 6.0 create and use default accounts with identical usernames and passwords. An attacker with knowledge of these accounts can modify the application configuration and, in certain instances, gain user access to the host operating system.

The upgrade to NFC version 6.0 is not a free upgrade. This default password issue does not require a software upgrade and can be changed by a configuration command for all affected customers. The workaround detailed in this document demonstrates how to change the passwords in 5.0.

Vulnerable Products

This vulnerability affects Cisco NetFlow Collection Engine running software versions prior to 6.0.0. The software version of the Cisco NetFlow Collection Engine can be determined by either logging into the web-based user interface (UI) or using the show-tech parameter of the nfcollector command from the host operating system. For customers running version 6.0 or later, the nfcollector command uses the version parameter to determine the software level.

Users can determine the NFC version by using a web browser to navigate to http://(nfc-hostname):8080/nfc in a web browser and selecting About in the upper left-hand corner. The browser displays the NFC version in a new window.

Article Link

[tags]Cisco NetFlow, Default Passwords, NetFlow Collection Engine[/tags]

Exit mobile version